Пример #1
0
    def test_05_two_tokens(self):
        # Save some values to the database
        r = save_auth_item(
            SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{"username": "******", "response": RESP}]}
        )
        r = save_auth_item(
            SQLFILE, "cornelius", "TOK002", "HOTP", {"offline": [{"username": "******", "response": RESP2}]}
        )

        pamh = PAMH("cornelius", "test100001")
        flags = None
        argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
        r = pam_sm_authenticate(pamh, flags, argv)
        self.assertEqual(r, PAMH.PAM_SUCCESS)

        # An older OTP value of the first token is deleted
        pamh = PAMH("cornelius", "test100000")
        flags = None
        argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
        r = pam_sm_authenticate(pamh, flags, argv)
        self.assertNotEqual(r, PAMH.PAM_SUCCESS)

        # An older value with another token can authenticate!
        pamh = PAMH("cornelius", "TEST100000")
        flags = None
        argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
        r = pam_sm_authenticate(pamh, flags, argv)
        self.assertEqual(r, PAMH.PAM_SUCCESS)
Пример #2
0
    def test_05_two_tokens(self):
        # Save some values to the database
        r = save_auth_item(
            SQLFILE, "cornelius", "TOK001", "HOTP",
            {"offline": [{
                "username": "******",
                "response": RESP
            }]})
        r = save_auth_item(
            SQLFILE, "cornelius", "TOK002", "HOTP",
            {"offline": [{
                "username": "******",
                "response": RESP2
            }]})

        pamh = PAMH("cornelius", "test100001")
        flags = None
        argv = [
            "url=http://my.privacyidea.server",
            "sqlfile=%s" % SQLFILE, "try_first_pass"
        ]
        r = pam_sm_authenticate(pamh, flags, argv)
        self.assertEqual(r, PAMH.PAM_SUCCESS)

        # An older OTP value of the first token is deleted
        pamh = PAMH("cornelius", "test100000")
        flags = None
        argv = [
            "url=http://my.privacyidea.server",
            "sqlfile=%s" % SQLFILE, "try_first_pass"
        ]
        r = pam_sm_authenticate(pamh, flags, argv)
        self.assertNotEqual(r, PAMH.PAM_SUCCESS)

        # An older value with another token can authenticate!
        pamh = PAMH("cornelius", "TEST100000")
        flags = None
        argv = [
            "url=http://my.privacyidea.server",
            "sqlfile=%s" % SQLFILE, "try_first_pass"
        ]
        r = pam_sm_authenticate(pamh, flags, argv)
        self.assertEqual(r, PAMH.PAM_SUCCESS)
Пример #3
0
    def test_01_check_offline_otp(self):
        # Check with no entries in the database
        r = check_offline_otp("cornelius", "test123456", SQLFILE)
        self.assertFalse(r)

        # Save some values to the database
        r = save_auth_item(
            SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{"username": "******", "response": RESP}]}
        )
        r = check_offline_otp("cornelius", "test100000", SQLFILE)
        self.assertTrue(r)
        # Authenticating with the same value a second time, fails
        r = check_offline_otp("cornelius", "test100000", SQLFILE)
        self.assertFalse(r)
Пример #4
0
    def test_01_check_offline_otp(self):
        # Check with no entries in the database
        r = check_offline_otp("cornelius", "test123456", SQLFILE)
        self.assertFalse(r)

        # Save some values to the database
        r = save_auth_item(
            SQLFILE, "cornelius", "TOK001", "HOTP",
            {"offline": [{
                "username": "******",
                "response": RESP
            }]})
        r = check_offline_otp("cornelius", "test100000", SQLFILE)
        self.assertTrue(r)
        # Authenticating with the same value a second time, fails
        r = check_offline_otp("cornelius", "test100000", SQLFILE)
        self.assertFalse(r)